I made the PR #59 for this patch.
We can do any discussion here.
Regards,
Christos
Στις 27/07/2017 09:52 πμ, ο Christos Tsantilas έγραψε:
The patch.
Στις 26/07/2017 12:37 μμ, ο Christos Tsantilas έγραψε:
Squid can be killed or maimed by enough clients that start multi-step
connection authentication but never follow up with the second HTTP
request while keeping their HTTP connection open. Affected helpers
remain in the "reserved" state and cannot be reused for other clients.
Observed helper exhaustion has happened without any malicious intent.
To address the problem, we add a helper reservation timeout. Timed out
reserved helpers may be reused by new clients/connections. To minimize
problems with slow-to-resume-authentication clients, timed out
reserved helpers are not reused until there are no unreserved running
helpers left. The reservations are tracked using unique integer IDs.
Also fixed Squid crashes caused by unexpected helper termination --
the raw UserRequest::authserver pointer could point to a deleted helper.
This is a Measurement Factory project.
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev
_______________________________________________
squid-dev mailing list
squid-dev@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-dev